Hi, I am noticing that when running the following script, it reports that NTP Client is ok and running. Thats fine, but when I go into the host service console, and run esxcfg-firewall -d NTPClient followed by service ntpd stop the results of the script are the same.
$ntprun = @()
foreach ($vmhost in get-vmhost) {
$fw = $vmhost | get-VMHostFirewallException | where {$_.name -eq "NTP Client" -and $_.Enabled -eq "true" -and $_.ServiceRunning -eq "true"}
$row = "" | select @{Name = "Host"; Expression = {$vmhost.name}}, @{Name = "Firewall and Service"; Expression = {$fw.name}}, @{N=”NTP Servers”;E={Get-VMHostNtpServer $vmhost}}
$ntprun +=$row
}
$ntprun
What I want to acheive is a table, stating that the ntp service is running, and that the firewall is open. Even with just get-vmhopstfirewallexception -vmhost ESX1 the service is showing as running and the ntpclient is showing as enabled despite the fact I have disabled them.
Am I missing something, or talking about two separate things?
Thanks in advance.
Dan
The Enabled and ServiceRunning properties are Boolean values, so you have to compare with $false or $true.
Not against the string "false" or "true".
$ntprun = @() foreach ($vmhost in get-vmhost mmmstv004.muac.corp.eurocontrol.int) { $fw = $vmhost | get-VMHostFirewallException | where {$_.name -eq "NTP Client" -and $_.Enabled -eq $true -and $_.ServiceRunning -eq $true} $row = "" | select @{Name = "Host"; Expression = {$vmhost.name}}, @{Name = "Firewall and Service"; Expression = {$fw.name}}, @{N=”NTP Servers”;E={Get-VMHostNtpServer $vmhost}} $ntprun +=$row } $ntprun
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
The Enabled and ServiceRunning properties are Boolean values, so you have to compare with $false or $true.
Not against the string "false" or "true".
$ntprun = @() foreach ($vmhost in get-vmhost mmmstv004.muac.corp.eurocontrol.int) { $fw = $vmhost | get-VMHostFirewallException | where {$_.name -eq "NTP Client" -and $_.Enabled -eq $true -and $_.ServiceRunning -eq $true} $row = "" | select @{Name = "Host"; Expression = {$vmhost.name}}, @{Name = "Firewall and Service"; Expression = {$fw.name}}, @{N=”NTP Servers”;E={Get-VMHostNtpServer $vmhost}} $ntprun +=$row } $ntprun
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks LucD for this, but unfortunately it is still reporting oddly:
get-vmhostfirewallexception -vmhost esx1
lists the NTPClient as service running and enabled despite me stopping the ntpd and disabling the service in the firewall.
Is this command only showing the exceptions on startup? As it doesn't seem to change when I disable them.
Thanks,
Dan
You're right, you have to explicitly refresh the services.
That can be done like this
$esxName = <esx-hostname> $srvSys = Get-View (Get-VMHost | Get-View).ConfigManager.ServiceSystem $srvSys.RefreshServices()
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Brilliant, that works for the service, is there one to refresh the status of the firewall, because it still shows the ntpClient as enabled. The service running is now showing at false.
Sorry, forgot to add that one
$esxName = <esx-hostname> $fwSys = Get-View (Get-VMHost $esxName | Get-View).ConfigManager.firewallSystem $fwSys.RefreshFirewall()
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
LucD, thats perfect, thanks so much for all your help once again.
I now have this, which works a treat!
$ntprun = @()
foreach ($vmhost in get-vmhost)
{
$srvSys = Get-View (Get-VMHost $vmhost | Get-View).ConfigManager.ServiceSystem
$srvSys.RefreshServices()
$fwSys = Get-View (Get-VMHost $vmhost | Get-View).ConfigManager.firewallSystem
$fwSys.RefreshFirewall()
$fw = $vmhost | get-VMHostFirewallException | where {$_.name -eq "NTP Client" -and $_.Enabled -eq $true -and $_.ServiceRunning -eq $true}
$row = "" | select @{Name = "Host"; Expression = {$vmhost.name}}, @{Name = "Firewall and Service"; Expression = {$fw.name}}, @{N=”NTP Servers”;E={Get-VMHostNtpServer $vmhost}}
$ntprun +=$row
}
$ntprun
You're welcome.
Great script btw.
@VMW Would be a great improvement for a future PowerCLI build to add a -Refresh parameter.
____________
Blog: LucD notes
Twitter: lucd22
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference